The Robust Malware Detection Challenge and Greedy Random Accelerated Multi-Bit Search

S.E. Verwer, A. Nadeem, C.A. Hammerschmidt, L. Bliek, Abdullah Al-Dujaili, Una-May O’Reilly

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

2 Downloads (Pure)

Abstract

Training classifiers that are robust against adversarially modified examples is becoming increasingly important in practice. In the field of malware detection, adversaries modify malicious binary files to seem benign while preserving their malicious behavior. We report on the results of a recently held robust malware detection challenge. There were two tracks in which teams could participate: the attack track asked for adversarially modified malware samples and the defend track asked for trained neural network classifiers that are robust to such modifications. The teams were unaware of the attacks/defenses they had to detect/evade. Although only 9 teams participated, this unique setting allowed us to make several interesting observations. We also present the challenge winner: GRAMS, a family of novel techniques to train adversarially robust networks that preserve the intended (malicious) functionality and yield high-quality adversarial samples. These samples are used to iteratively train a robust classifier. We show that our techniques, based on discrete optimization techniques, beat purely gradient-based methods. GRAMS obtained first place in both the attack and defend tracks of the competition.
Original languageEnglish
Title of host publicationWorkshop on artificial intelligence and security
PublisherAssociation for Computing Machinery (ACM)
Number of pages11
ISBN (Electronic)978-1-4503-8094-2
DOIs
Publication statusAccepted/In press - 24 Aug 2020
Event13th ACM Workshop on
Artificial Intelligence and Security
- Orlando, United States
Duration: 13 Nov 202013 Nov 2020
Conference number: 13

Conference

Conference13th ACM Workshop on
Artificial Intelligence and Security
Abbreviated titleAISec 2020
CountryUnited States
CityOrlando
Period13/11/2013/11/20

Fingerprint Dive into the research topics of 'The Robust Malware Detection Challenge and Greedy Random Accelerated Multi-Bit Search'. Together they form a unique fingerprint.

  • Cite this

    Verwer, S. E., Nadeem, A., Hammerschmidt, C. A., Bliek, L., Al-Dujaili, A., & O’Reilly, U-M. (Accepted/In press). The Robust Malware Detection Challenge and Greedy Random Accelerated Multi-Bit Search. In Workshop on artificial intelligence and security Association for Computing Machinery (ACM). https://doi.org/10.1145/3411508.3421374